IT pros say ransomware attacks on the rise, but enterprises have no plan

In India, more than half (52%) of IT professionals reported an increase in ransomware attacks in the past 12 months, higher than the global figure of 48%, in a research report published on Tuesday. Surprisingly, less than half (48%) of enterprises surveyed in India have a formal ransomware plan, the report said. 

The research report published by cybersecurity firm Thales in its annual cyber security report which surveyed nearly 3,000 IT and security professionals in 18 countries including India, also identifies cloud assets and IoT devices as the primary targets for cyber-attacks. In India, 53% of respondents claimed that their IoT devices were the biggest targets, followed by cloud-based storage (41%) and cloud-delivered applications (SaaS) (40%). These figures highlight the growing risks associated with the rapid shift towards cloud-based workloads and the need for enterprises to prioritize data security. 

Human error, misconfiguration, and other mistakes are identified as the leading cause of cloud data breaches in the report. In India, 52% of respondents who suffered a data breach in the past 12 months cited human error as the primary cause. 

According to the study, although the severity of ransomware attacks appears to be declining, data loss from these attacks remains a significant concern for enterprises in India. A staggering 82% of Indian respondents reported data loss from ransomware attacks, compared to 67% globally. 

Data sovereignty is becoming an increasingly pressing concern for data privacy and security teams, with 82% of Indian respondents expressing concerns over data sovereignty. Additionally, the emergence of quantum computing presents a potential threat to classical encryption schemes. 

To be sure, other recent reports have also focused on the increase of ransomware and other cyber-attacks in the country. According to a report published by American cyber security firm Palo Alto Networks' Unit 42 Threat Intelligence team, India is now the second most targeted country by ransomware attacks after Australia in the Asia Pacific and Japan (APJ) region, and globally, it occupies the 10th spot following the US, United Kingdom, Germany, Canada and France, among others. 

The study also said that in India, Maharashtra, followed by New Delhi, Uttar Pradesh, Tamil Nadu, West Bengal and Karnataka, are found to be the most-targeted states with ransomware attacks. 

Another report released on February 8, by cyber-security firm CloudSEK, also said that India was ranked the highest attacked country by hackers in Asia and the second-most attacked country globally (after the US) in 2022.

Needless to say, 2022 saw some of the biggest ransomware attacks in India wherein the country's leading institutions including, All India Institute of Medical Science (AIIMS), Safdarjung Hospital, SpiceJet Airline, National Informatics Centre (NIC), Tata Power and many more. 

With the increasing number of ransomware attacks and cloud data breaches, Ashish Saraf, VP and Country Director, Thales — India, calls for businesses to focus on implementing robust security measures to protect against these evolving threats. He emphasises the importance of maintaining better control over data in an increasingly cloud-first world, where cloud-based storage is perceived as one of the biggest targets for cyber-attacks. 

In an interview with Tech Circle published on April 12, Jeff Abbott, Chief Executive Officer at Ivanti, also stressed that while there’s no easy way to stop ransomware attacks, it is important to have a strong sense and practice of cyber hygiene., including best practices like installing antivirus and malware software and scanning for viruses, patch management to fix software vulnerabilities and also using firewalls to stop unauthorised users from getting information. “Companies should also follow a proactive approach to security with a greater engagement from C-level executives and in terms of offering security training to every employee in the organisation,” he said.